Stop Calling It Account Takeover “Fraud”


A few years ago, when it started to become clear that account takeover (ATO) was becoming a threat, it was understandable that it was seen as a fraud problem. After all, the identity theft inherent in taking over a user’s account does, on some level, amount to fraud. But as the ATO problem has grown, impacting nearly every online business, it’s become clear that we need a mindset shift in how we...

We shouldn’t focus on changing user behavior—but on understanding it


The state of online identity is bleak—mostly because it relies on an outdated username and password model. Each year, 1 billion credentials are leaked or breached, and 73 percent of passwords are being reused across sites. These dynamics have led to an increase in account takeovers (ATOs), in which a hacker tries stolen credentials across a variety of websites and takes over entire accounts to...